BSidesSF 2025: Full Schedule

11:15am PDT

Inside the Information Stealer Ecosystem: From Compromise to Countermeasure

Saturday April 26, 2025 11:15am - 12:00pm PDT

Information stealer malware is underestimated by our industry. In this deep-dive, we look into what is captured by them (desktop screenshots, password vaults, browser extensions, MFA bypass material, etc.), cover the Redline takedown, and offer defensive countermeasures, including code and samples.

Speakers

Olivier Bilodeau

Principal Cybersecurity Researcher, Flare

Olivier Bilodeau, a principal researcher at Flare, brings 12+ years of cutting-edge infosec expertise in honeypot operations, binary reverse-engineering, and RDP interception. Passionate communicator, Olivier spoke at conferences like BlackHat, DEFCON, SecTor, Derbycon, and more... Read More →

Saturday April 26, 2025 11:15am - 12:00pm PDT
AMC Theatre 14 AMC at Metreon

Presentation, Deep Dive

1:00pm PDT

Light in the Labyrinth: Breach Path Analysis for Anyone

Saturday April 26, 2025 1:00pm - 1:45pm PDT

AMC Theatre 14

Learn to build your own treasure map of how threat actors might move laterally through your company’s assets. We’ll provide a conceptual engineering framework for breach path analysis, recommend no- or low-cost tools, share examples, and release an open-source security graph ontology to learn from.

Speakers

Parker Shelton

Principal Software Engineer, Microsoft

Light In the Labyrinth BSidesSF 2025 pdf

Saturday April 26, 2025 1:00pm - 1:45pm PDT
AMC Theatre 14 AMC at Metreon

Presentation, Deep Dive

2:00pm PDT

Hack, Patch, Repeat: Insider Tales from Android’s Bug Bounty

Saturday April 26, 2025 2:00pm - 2:45pm PDT

AMC Theatre 14

What does it take to secure 3 billion users on the world’s leading mobile platform? This session dives into Android security from a holistic perspective.

Speakers

Maria Uretsky

Google

Maria Uretsky is the Tech Lead on the Android Vulnerability Rewards program at Google. Her passion is to break all the things before the bad actors do, to ensure they are kept out. During her 10+ years of software engineering and security work, she has been part of Google Cloud Security... Read More →

Camillus Cai

Google

Camillus plays a key role in the Android Vulnerability Reporting Program at Google, where he investigates security bugs that range from bug bounty submissions to reverse-engineered adversarial exploits. Based in Seattle, his past experience encompasses security engineering, software... Read More →

Saturday April 26, 2025 2:00pm - 2:45pm PDT
AMC Theatre 14 AMC at Metreon

Presentation, Deep Dive

3:00pm PDT

0.0.0.0 Day: Exploiting Localhost APIs From The Browser

Saturday April 26, 2025 3:00pm - 3:45pm PDT

AMC Theatre 14

While seemingly local, services running on localhost are accessible to the browser using a flaw we found, exposing the ports on the localhost network interface and leaving the floodgates ajar to remote network attacks. This session will dive into the 0.0.0.0 exploit research conducted by the team.

Speakers

Gal Elbaz

Saturday April 26, 2025 3:00pm - 3:45pm PDT
AMC Theatre 14 AMC at Metreon

Presentation, Deep Dive

4:00pm PDT

Service Mesh Security: Shifting Focus to the Application Layer

Saturday April 26, 2025 4:00pm - 4:45pm PDT

AMC Theatre 14

Discover how Yelp's Infrastructure Security team transformed past challenges and failures into success by shifting authentication and authorization from the infrastructure to the application layer. Learn how this pragmatic approach met all security requirements applicable to Yelp's threat model.

Speakers

Daniel Popescu

Security Group Tech Lead, Yelp

Daniel Popescu is the Group Tech Lead for Security at Yelp where they are responsible for all facets of security. Previously he worked at Microsoft on non-security products, but has maintained a passion for security since his undergrad years at the University of California, Santa... Read More →

Saturday April 26, 2025 4:00pm - 4:45pm PDT
AMC Theatre 14 AMC at Metreon

Presentation, Deep Dive

5:00pm PDT

Netsec is Dead(?): Modern Network Fingerprinting for Real-World Defense

Saturday April 26, 2025 5:00pm - 5:45pm PDT

AMC Theatre 14

From p0f to MuonFP and JA4+, learn how network fingerprinting evolved. See how each step helps security teams spot malicious traffic, detect scanners, and more. Attendees gain real-world use cases and practical tips to deploy fingerprinting for monitoring and threat hunting.

Speakers

Vlad Iliushin

ELLIO

Saturday April 26, 2025 5:00pm - 5:45pm PDT
AMC Theatre 14 AMC at Metreon

Presentation, Deep Dive

11:30am PDT

Don’t Sh*t-Left: How to Actually Shift-Left

Sunday April 27, 2025 11:30am - 12:15pm PDT

AMC Theatre 14

Shift-left sounds great — catch issues early, save time, empower devs — but too often it backfires, creating noise and chaos. Learn from real-world fails, laugh at sh*t-left stories, and discover practical strategies to make shift-left work. Let’s fix AppSec, one bug at a time.

Speakers

Ahmad Sadeddin

CEO, Corgea

Ahmad is the CEO at Corgea. He's a 3x founder with 1 exit. He's been coding since he was 12 and loves building software solutions to solve deep customer problems. In his spare time (very little of), he loves to BBQ and spend time with family and friends.

Sunday April 27, 2025 11:30am - 12:15pm PDT
AMC Theatre 14 AMC at Metreon

Presentation, Deep Dive

1:15pm PDT

Confidential Computing: Protecting Customer Data in the Cloud

Sunday April 27, 2025 1:15pm - 2:00pm PDT

AMC Theatre 14

Ever wonder how your data is really handled in the cloud? Confidential Computing gives you an answer by isolating your data and cryptographically proving what code was run. This talk dives into the hardware and software behind Confidential Computing, and how to ship it in real-world cases.

Speakers

Jordan Mecom

Sunday April 27, 2025 1:15pm - 2:00pm PDT
AMC Theatre 14 AMC at Metreon

Presentation, Deep Dive

2:15pm PDT

Don't Trust, Verify! - How I Found a CSRF Bug Hiding in Plain Sight

Sunday April 27, 2025 2:15pm - 2:45pm PDT

AMC Theatre 14

This talk explores the discovery of a long-standing CSRF (Cross-Site Request Forgery) vulnerability in the popular gorilla/csrf Go library. The goal is to encourage the audience to perform vulnerability research experiments in their own commonly used tools.

Speakers

Patrick O'Doherty

Member of Technical Staff, Tailscale

Sunday April 27, 2025 2:15pm - 2:45pm PDT
AMC Theatre 14 AMC at Metreon

Presentation, General

3:00pm PDT

Care and Feeding of HSMs: Key Management in Hard Mode

Sunday April 27, 2025 3:00pm - 3:30pm PDT

AMC Theatre 14

Cryptography's dirty secret: your security is only as strong as your key management. Dive into the treacherous world of HSMs, which promise salvation but deliver operational nightmares and hidden costs. HSMs: not for the faint of heart!

Speakers

Nick Pelis

Security Engineering Manager, Verkada

Sunday April 27, 2025 3:00pm - 3:30pm PDT
AMC Theatre 14 AMC at Metreon

Presentation, General

3:45pm PDT

Shadow IT Battlefield: The CyberHaven Breach and Defenses That Worked

Sunday April 27, 2025 3:45pm - 4:15pm PDT

AMC Theatre 14

Discover how the Cyberhaven breach case exposed critical Shadow IT risks — and the proactive allowlist strategy that minimized business disruption. The proactive controls saved our 40M+ users from being impacted. Gain insights, metrics, and a blueprint for continuous monitoring.

Speakers

Rohit Bansal

Zach Pritchard

Sunday April 27, 2025 3:45pm - 4:15pm PDT
AMC Theatre 14 AMC at Metreon

Presentation, General

4:30pm PDT

Understanding IRSF Fraud: Protecting Against SMS Exploitation

Sunday April 27, 2025 4:30pm - 5:00pm PDT

AMC Theatre 14

Attackers making money from MY 2FA? It's more likely than you think! SMS is a common 2FA method but creates risk: International Revenue Share Fraud, inflating SMS traffic to siphon revenue. Attendees will learn how to detect and mitigate IRSF with Cloudflare, OpenAI, and Datadog.

Speakers

Vien Van

Gusto

Senthil Sivasubramanian

Eng Leader, Gusto

Sunday April 27, 2025 4:30pm - 5:00pm PDT
AMC Theatre 14 AMC at Metreon

Presentation, General